Twitter Facebook Google RSS
 
National Defense > Blog > Posts > Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

11/12/2010

Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED
For 18 minutes in April, China’s state-controlled telecommunications company hijacked 15 percent of the world’s Internet traffic, including data from U.S. military, civilian organizations and those of other U.S. allies.

This massive redirection of data has received scant attention in the mainstream media because the mechanics of how the hijacking was carried out and the implications of the incident are difficult for those outside the cybersecurity community to grasp, said a top security expert at McAfee, the world’s largest dedicated Internet security company.

In short, the Chinese could have carried out eavesdropping on unprotected communications — including emails and instant messaging — manipulated data passing through their country or decrypted messages, Dmitri Alperovitch, vice president of threat research at McAfee said.

Nobody outside of China can say, at least publicly, what happened to the terabytes of data after the traffic entered China.

The incident may receive more attention when the U.S.-China Economic and Security Review Commission, a congressional committee, releases its annual report on the bilateral relationship Nov. 17. A commission press release said the 2010 report will address “the increasingly sophisticated nature of malicious computer activity associated with China.”

Said Alperovitch: “This is one of the biggest — if not the biggest hijacks — we have ever seen.” And it could happen again, anywhere and anytime. It’s just the way the Internet works, he explained. “What happened to the traffic while it was in China? No one knows.”

The telephone giants of the world work on a system based on trust, he explained. Machine-to-machine interfaces send out messages to the Internet informing other service providers that they are the fastest and most efficient way for data packets to travel. For 18 minutes April 8, China Telecom Corp. told many ISPs of the world that its routes were the best paths to send traffic.

For example, a person sending information from Arlington, Va., to the White House in Washington, D.C. — only a few miles away — could have had his data routed through China. Since traffic moves around the world in milliseconds, the computer user would not have noticed the delay.

This happens accidentally a few times per year, Alperovitch said. What set this incident apart from other such mishaps was the fact that China Telecom could manage to absorb this large amount of data and send it back out again without anyone noticing a disruption in service. In previous incidents, the data would have reached a dead end, and users would not have been able to connect.

Also, the list of hijacked data just happened to include preselected destinations around the world that encompassed military, intelligence and many civilian networks in the United States and other allies such as Japan and Australia, he said. “Why would you keep that list?” Alperovitch asked.

The incident involved 15 percent of Internet traffic, he stressed. The amount of data included in all these packets is difficult to calculate. The data could have been stored so it could be examined later, he added. “Imagine the capability and capacity that is built into their networks. I’m not sure there was anyone else in the world who could have taken on that much traffic without breaking a sweat,” Alperovitch said.

McAfee has briefed U.S. government officials on the incident, but they were not alarmed. They said their Internet communications are encrypted. However, encryption also works on a basis of trust, McAfee experts pointed out. And that trust can be exploited.

Internet encryption depends on two keys. One key is private and not shared, and the other is public, and is embedded in most computer operating systems. Unknown to most computer users, Microsoft, Apple and other software makers embed the public certificates in their operating systems. They also trust that this system won’t be abused.

Among the certificates is one from the China Internet Information Center, an arm of the China’s Ministry of Information and Industry.

 “If China telecom intercepts that [encrypted message] and they are sitting on the middle of that, they can send you their public key with their public certificate and you will not know any better,” he said. The holder of this certificate has the capability to decrypt encrypted communication links, whether it’s web traffic, emails or instant messaging, Alperovitch said. “It is a flaw in the way the Internet operates,” said Yoris Evers, director of worldwide public relations at McAfee.

No one outside of China can say whether any of these potentially nefarious events occurred, Alperovitch noted. “It did not make mainstream news because it is so esoteric and hard to understand,” he added. It is not defined as a cyberattack because no sites were hacked or shut down. “But it is pretty disconcerting.”

And the hijacking took advantage of the way the Internet operates. “It can happen again. They can do it tomorrow or they can do it in an hour. And the same problem will occur again.”

CLARIFICATION: Alperovitch in a McAfee blog has clarified that 15 percent of the world's routes were directed to China, not 15 percent of the traffic. In an earlier interview he stated: “In terms of the overall traffic they took, it’s very hard to estimate, but it was a lot more than 15 percent of the world’s traffic [that] their pipes were able to handle without crashing.”

Read more about the increasingly sophisticated nature of cyberespionage and attacks in the January issue of National Defense Magazine.
 

Posted at 9:50 AM by Stew Magnuson | Permalink | Email this Post | Comments (45)

Comments

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

This is a huge wake up call to our Cyber Policy Leadership in the White House and in the Pentagon.  The US should not be doing ANY business with China owned telecom/equipment companies for this very reason.   I would have liked to seen a perspective on China's effort to buy into US based Telecom companies.   This significantly increases the threat, and requires immediate action. 

Federal Agencies will need to step up their technology acquisition processes to include a check for potential Chinese made routers, switches and/computers that could expand China's ability to break into our secure networks.  
John A Weiler at 11/15/2010 5:20 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

As Michael Stevens mentions in his article titled, "China's Growing Cyber Threat, "China is directing “the single largest, most intensive foreign intelligence gathering effort since the Cold War” against the United States."

http://www.securityweek.com/chinas-cyber-threat-growing

China is investing in the resources needed for “building an informationalized force and winning an informationalized war,” including a 1,100 person cyber operation with a submarine cave entrance worthy of a James Bond film, all hidden beneath the white sands and villages of Hainan Island, a popular tourist destination.
Mike at 11/15/2010 11:49 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Where's the part about Deutsche Telekom who's been hijacking data streams for specific Shanghai IP ranges for several WEEKS? (A slowdown which *was* noticeable by those affected.)
jeff at 11/16/2010 1:01 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

There is only one r in terabytes.
Sam Bowne at 11/16/2010 1:27 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

wow. that's crazy. i thought the rule was just don't browse the internet in china. didn't realize they could still attack me in my own home.

sucks.

http://tech.rawsignal.com
troy at 11/16/2010 1:34 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Talk to Cisco.
David C. Manchester at 11/16/2010 2:12 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

I am sorry to say that, but you are wrong regarding the safety of encrypted communication. The peers using encryption to communicate, exchange the public keys. As the word 'public' means, there is no harm if the public key is known to a third party, because the key is intended to be known to anybody. Indeed, there is some risk of the man-in-the-middle attack but your e-mail agent, web browser or ssh terminal should inform you the security certificate of the peer is not trusted.

See: en.wikipedia.org/wiki/Diffie–Hellman_key_exchange
Maksymilian Wojakowski at 11/16/2010 2:35 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

One of the biggest weaknesses is the list of "root certificates" bundled with every browser.

It is not a standard list, every browser developer has its own rules and regulations what he will add. There was a security incident a few months ago that all major browsers were adding an old, out-of-use certificate that no one really knew well.

Then, a lot of root certificates are from US based companies - and it is already known that some US state agencies can easily decrypt traffic that is encrypted via these certificates by using special "keys".

I suppose it will be the same for China state agencies and the Chinese certificates.

In our case (https://secure.cloudsafe.com/) we opted for a Swiss root certificate. It is one of the very few independent and secure authorities in the world.
Roberto at 11/16/2010 3:45 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

"from Arlington, Va., to the White House in Washington, D.C. — only a few miles away — could have had his data routed through China"

Quite unlikely, while the prefix might have been pick-up, the routers would have been determined it is not the best path from VA to China to the White House, and would have choose to send traffic in China due to the cost of such routing.

The incident lasted 18 minutes.

The one really impacted might have been Asian traffic, but due to the time line of the incident a human error is a very possible scenario too.
Cliffer at 11/16/2010 4:48 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Cisco what have you done? It's ironic. A U.S Company named Cisco is the one who provides China with all the hi-tech network devices. USA is really a weird country. You promote Chinas activities by selling and cooperating with them the best network equipment and the most advanced., yet you start whining when they hijack the world and your own country.
J at 11/16/2010 5:55 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Tea cup + Storm.

Why are some people in the states so freaked out about China?  Get over it.  They are no threat.  Not now, not before and not in the future - learn from history people.

As to the key stuff...the author thinks we are all dumb and has forgotten about the concept of one way trap door algorithms, DH encryption and finger printing.

I am reminded of that South Park episode that came out the week after the 2008 Olympics.... pathetic.
Richard Ford at 11/16/2010 6:20 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Trust the SWISS?  Perhaps you should read:

http://en.wikipedia.org/wiki/Crypto_AG

It is a well known case of how it was leaked that a very respected Swiss company was a front for NSA operations. Even the Vatican threw away some of their encryption devices in the 90s once this information became public knowledge.

Good Luck against the Chinese. The world has given them the keys to the kingdom they produce the chips that run the worlds computers, no? Feeble attempts from people that do not know what goes into the microcode....Game over Bubba!
Swiss Cheese at 11/16/2010 6:45 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

@Roberto - It doesn't matter which CA one uses. As long as another CA appears in a browser's trusted root list, that other CA can issue a rogue certificate against our domain.

There is no added benefit of using one CA over another. All CAs in the browser's trusted root list have equal standing.
cjp at 11/16/2010 9:32 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

The description of "Internet encryption" in this piece, particularly in the context of discussing military and intelligence traffic, is simplistic and unbecoming of a publication with the word "defense" in the title. There are other means of doing transport security on the Internet, ones that do not rely on assymetric keys at all, or employ securely managed assymetric keying -- it is fairly disappointing this is so completely missed here.
JHK at 11/16/2010 10:32 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

BGPmon.net has a detailed explanation of what exactly happened that day:
http://bgpmon.net/blog/?p=282

If this was an intentional attack instead of an accident, they didn't really try to hide this attack. There are ways to have this attack executed in a more stealth mode.



BGP Dude at 11/16/2010 11:17 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Er, anyone got any proof? Of course not. Anti Chinese propaganda. Uncle Sam's got no money left and wants to blame someone, how about the guys that have been lending you theirs. Pathetic.
Geltmeister at 11/16/2010 3:49 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Yeah...but...but....but they like paper lanterns, and dragon parades and the "pop-pop-pop" of firecrackers and Americans love Crab Rangoon and General TSO's chicken. They must be our friends.
Vox at 11/16/2010 4:43 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

The list of certificates bundled with every web browser on the planet includes multiple certificates under the control of the Chinese Government. Given access to these certs, the protections provided by SSL and S/MIME are worthless.
CA Dude at 11/16/2010 5:11 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

"Since traffic moves around the world in milliseconds, the computer user would not have noticed the delay."

This is not correct. Traffic going from the East coast to China and back, even at close to the speed of light, will always take much longer than "sending information only a few miles away".

Washington, DC to Beijing, China and back is 23342 miles, or 0.125 light seconds, whereas "a few miles" would be closer to 0.00001 seconds.

That's why large web sites distribute their content on servers across the globe, so the one closest to the user can respond.
Mike at 11/16/2010 5:45 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

This article is so-god-damned simplistic and more rumors. The Chinese didn't even try to hide it as per the BGPmon.net monitor. I'm 99% sure this was simply a fat-finger good old fashioned programming error on their peering/IP transit routers. This has HAPPENED MANY TIMES IN THE US/CANADA AND EUROPE.

Oh and BTW, the Chinese great firewall/DPI (deep packet inspection) "Golden Shield" according to public documents these days is mostly Huawei high-end routers including the NE80E, SIG9800 and a few others. Huawei have sold this product WORLDWIDE including Europe and the Middle East and they simply market the product/engineer the product like Cisco & Juniper. The Chinese government (aka CCP, some propaganda department probably) is responsible for the operation of the filter lists which gets passed to the semi-nationalized telecom operators (China Telecom, China Unicom/(ex. Netcom), China Mobile and a few others licensed for international inter-connect). China Telecom uses AS4134 and Unicom/Netcom uses 4837 for international peering with foreign countries. There are a few other Chinese AS'es I believe but those are for special reserved usage like VPN. The way it works is very simple, there are two layers. There's an internal AS layer within the provinces of China (not connected to outside the country) and an international layer. All international peering/IP-transit traffic is connected to a Cisco/Juniper device which passes all traffic to a Huawei DPI (deep packet inspection) for high-speed ASIC based filtering. If a keyword matches (e.g. twitter, facebook) the packet is dropped and the Chinese have aggregate logged data of filtered data like any other commercial product off the Huawei device. It is technically impossible to do massive packet capture unless they are specifically targeting something. The Chinese-fucked up routes probably sent to Chinese-border international border routers, their Huawei DPI probably dropped those packets. They also manipulate/use faux-DNS using their Huawei DPI. (So if you use opendns in China the DNS will still be manipulated, it's TIME FOR ENCRYPTED DNS!)

Here's another open industry secret:
The Chinese like any other international ISP have to connect their network to the international internet up-stream ISPs/ASN's right. I believe now they even have some of their DPI hardware in the US/Europe. Again all public data, see:
https://www.peeringdb.com/private/participant_view.php?id=308
https://www.peeringdb.com/private/participant_view.php?id=730

If the US gov't really wanted to see China's internet filter lists they could theoretically do the following (again this would be POLITICAL SUICIDE I'M GUESSING AND possibly touch off a war with China, and would require a warrant obviously):
Go to Any2 LA or Equinix San Jose or any other Chinese international peering/IP-transit place and go to China Telecom or China Unicom's cage. Seize the Huawei DPI device. Simple. Copy the data. Do analysis. Return it back to the Chinese!? LOL. It's a Chinese-registered APNIC IP with a public WHOIS registration of "FSKWC NET". Mhmm... F must standard for Firewall. Must be the Chinese-DPI-GFW firewall cluster. The internet community has discovered that all traffic to Mainland China passes through a FSKWC NET device before it goes further in-ward to China. Some of these devices we know are in the US and Europe where the Chinese peer before they are sent across the pacific on one of the Trans-pacific or Eur-Asia fiber-optic cables (TPE, etc...)

The real problem with China is political and political change. I believe this will change over time as change evolves, develops and moves towards a more open model. As an engineer I really don't care about political crap, I wish they would just develop an open internet policy like HK or Singapore or Japan. Filtering political extremism is fine for stability (remember in Chinese thinking/culture it's all about "stability" versus "individuality" in the West), just don't filter entertainment sites like YouTube/Twitter or Facebook. 99.9% of IP traffic to those sites are entertainment anyways. Wasn't there a recent study that says 60% of tweets to twitter was un-read anyways? I just don't want to use my god-damned VPN when I travel to China just to catch-up on my friends entertainment instead of standard HTTPS.

Oh and recommendations for website/software developers: Implement .com/.net DNS-SEC ASAP. Then MS and Mozilla should install the default DNS-SEC checker by default. Then Chinese internet users will know that their DNS entries are being forged (remember this is only one stage of the "Golden Shield"/"GFW"). They can program their ... DPI to forge the DNS-SEC responses anyways. When this happens they will have to face international internet governance pressure (aka ICAN and a few others) community on why the hell they are forging responses to something that makes the internet more secure. Like their forgery of International DNS.                                          
Will at 11/16/2010 5:54 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Before we all freak out I hope (well pray) the US Government checks the fingerprints of the public key before just accepting it... I mean like is this basic or is it basic? I assume they don't rely on the hierarchical trust signing system...
Michael Williams at 11/16/2010 9:25 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

@Will - fantastic post, thank you!
Matt at 11/16/2010 9:48 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Global Strike oligarchy China. The neo-totalitarian technological Mao expands and no one is safe. Put your paranoia level defense. Freedom for the planet.
http://hacksperger.wordpress.com/
Er1cBl41r at 11/17/2010 5:22 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

You need to read JR02-2009, Tracking Ghostnet, the Canadian report on the Chinese infecting 1295 computers in 103 countries, just to spy on Tibet. Face it, the Chinese are waging an internation cyber terrorist war on the entire world. Let us just hope that since they are becoming the world's largest economic power they want to keep their country affluent and not start a real military war.
Benny Vento at 11/17/2010 9:44 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Yikes! The internet is insecure???? Come on! Even the average user knows not to send credit card information via unencrypted e-mail but maybe the super-geeks at the NSA just don't get it. The government should be using internal networks for secure communications and they certainly do a lot more than anyone realizes. This event can probably be best understood in the context of Chinese intelligence gathering methodology, which is to scoop up huge amounts of information, any information, and then subject it to intense analysis. If one has enough apparent trivia and enough analytical capacity one can make general inferences. Lots of these lead to more specific ones. For sure the Chinese stored the rerouted data for intensive machine and human processing. Like the government officials who didn't get alarmed despite McAfee's warnings, I don't think this is anything to worry about. It simply reflects the equilibrium in the way resources are deployed between two opposing intelligence communities; that our guys are aware of the situation and are nonplussed.
Tom Camilleri at 11/17/2010 12:05 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

This message probably went through china. 15% went through china, It had to go somewhere. I bet it went through China then went through the US secret service then UK secret service and so on. Thats why you should make your own encryption and only give the dycryption to people who you trust. Like BBM which cannot be decrypted by anyone.

"NDIA is not responsible for screening" which is basicly what china did. I love these legal noticees
dadum01 at 11/17/2010 12:17 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

The hijacking is something to be a little bit concerned about, but I doubt the claim that 15% of traffic was hijacked is even close to accurate, until someone posts better proof,  the claim seems outright outlandish,  far too outlandish for some anonymous person at McAfee to make without extroardinary evidence, and a valid statistical method to draw that conclusion.

Without insider information from the hijackers, who knows how many bytes of data they could actually be capable of capturing,  but besides: Hijacking traffic destined for 15% of IP addresses passing through certain routers is not equivalent  to intercepting 15% of all internet traffic.

Equating X% of IP addresses to X% traffic is much like saying "15% of stock symbols on the exchange increased in value today,  so that's proof 15% of investors must have made a profit today"

Jim at 11/17/2010 12:21 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Perhaps you don't know about Echelon "http://en.wikipedia.org/wiki/Echelon_(signals_intelligence)"
And the difference is?
Spanner at 11/17/2010 12:51 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

No one with a shred of knowledge about computers or networks uses the word "cyber"

http://www.wired.com/threatlevel/2010/03/cyber-hype/
akk at 11/17/2010 1:27 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Perhaps this goes hand in hand with China also unveiling what has been advertised as the newest and fastest SuperComputer in the World.  Perhaps they can decypher this data in a matter of a few minutes or hours ...?  Makes you think a little deeper about security
Daryl Kallevig at 11/17/2010 5:16 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

If I was an American I would be a whole lot more concerned to realise that Comverse and Amdocs - both Israeli companys - have a total lock on US telephone billings, and also implemeting and maintaining wiretaps at US central telephony exchanges.  Do you people have ANY idea how foolish it is to let these crtitical administration duties fall into the hands of Companys that have huge dual-loyalty issues ?  Do you REALLY think Israel has no interest in who talks to whom and what they say.  Can you imagine the potential for blackmail inherant in these two Companys activities.  Now, why exactly do you think Israel is able to control so much of the US foreign policy when it comes to the Israeli agenda.  You have been powned.
Henry Balfour at 11/17/2010 7:55 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

@ "Richard Ford"

How's life in the China Propaganda Agency - Mr. Chan?
jjjjjjjjjjjjjjjjjjg at 11/18/2010 1:59 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

Although China is doing this. what is the difference of China hijacking all the internet traffic when the US government does the same thing to all itnernet traffic.  We have known now for years that the US government has been monitoring internet and phone traffic of every American citizen.
Andrew at 11/18/2010 11:31 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

Ok it's time to disconnect china from the internet.
Bob at 11/25/2010 9:59 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

China is a far worse threat than we imagined Russia was during the Cold War. What I can't believe is how we continue to do any business at all with that country. It all boils down to the Almighty Dollar. Ask former President Clinton how much he received in bribes to institute trade with China. Why don't we try people for treason any more?
Peter Stallone at 12/1/2010 10:59 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

Good references for the Media Paper
Kate at 12/15/2010 2:30 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

That's... kinda scary.
Mio at 12/29/2010 4:48 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

Is there anything in DNSSEC or Web 2.0 protocol changes that would "fix" this?
Rush at 1/1/2011 10:49 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

The "attack" described in the original article involved Border Gateway Protocol (BGP), which is used for determining how traffic is routed through the Internet.  DNS is a completely different protocol (for a completely different purpose), so there's nothing in DNSSEC which would have changed that incident.  (Note that some of the comments refer to different DNS-based issues involving China, where DNSSEC could make a difference.)  "Web 2.0" isn't really a protocol, and wouldn't make any difference (in fact, it's almost certain that some of the diverted traffic was from "Web 2.0" applications).
Garrett at 1/5/2011 6:00 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

This is huge..

I don't understand why I didn't see this on major news channel

François
François at 2/16/2011 10:23 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

This massive redirection of data has received scant attention in the mainstream media because the mechanics of how the hijacking was carried out and the implications of the incident are difficult for those outside the cybersecurity community to grasp, said a top security expert at McAfee, the world’s largest dedicated Internet security company.
James Hood at 3/16/2011 2:05 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

I wonder if this was done through man-in-the-middle attacks through the use of China certificates on United States computers.  When, I was doing cyber analysis back in 2000, I noticed the Chinese liked to hit your computer strong and hard, the Russians hit softly, and the compromised US computers were in-between on the port scanning attempts.  This certainly deserves more analysis.
Dan at 4/9/2011 10:23 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

Maybe this will be a long project of National Defense in order to have a good service for everyone, specially to the surfers.
christian at 5/5/2011 8:25 PM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

As a just normal user of the Internet this is all Chinese to me. Only a sick mind would want to know what is said in my emails and messages. It would take a huge number of people to distillate anything useful out of this formidable mass of data, and at whose cost ? There is no money available for such little games, maybe a good thing the world's economies are broke.
Claude Beck at 5/10/2011 10:03 AM

Re: Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic: UPDATED

from my own experiences, China public Internet services are likely at the same time monitoring systems.
the dial-up modems respectively the drive-ware provided by China telecom, China Unicom, China Mobile, and etc., mostly made by Huawei or Zhongxing, will automatically implement spyware /backdoor in your computers. Such malware may be not "harmful" because it's hibernating; but you never know when it'll wake up!
the worse is that, you are not able to delete such malware - unless you re-install the system.

David at 5/24/2012 7:48 AM

Add Comment
Items on this list require content approval. Your submission will not appear in public views until approved by someone with proper rights. More information on content approval.

Name: *

eMail *

Comment *

Title

Attachments

Name: *


eMail *


Comment *


 

Refresh
Please enter the text displayed in the image.
The picture contains 6 characters.

Characters *

  

Legal Notice *

NDIA is not responsible for screening, policing, editing, or monitoring your or another user's postings and encourages all of its users to use reasonable discretion and caution in evaluating or reviewing any posting. Moreover, and except as provided below with respect to NDIA's right and ability to delete or remove a posting (or any part thereof), NDIA does not endorse, oppose, or edit any opinion or information provided by you or another user and does not make any representation with respect to, nor does it endorse the accuracy, completeness, timeliness, or reliability of any advice, opinion, statement, or other material displayed, uploaded, or distributed by you or any other user. Nevertheless, NDIA reserves the right to delete or take other action with respect to postings (or parts thereof) that NDIA believes in good faith violate this Legal Notice and/or are potentially harmful or unlawful. If you violate this Legal Notice, NDIA may, in its sole discretion, delete the unacceptable content from your posting, remove or delete the posting in its entirety, issue you a warning, and/or terminate your use of the NDIA site. Moreover, it is a policy of NDIA to take appropriate actions under the Digital Millennium Copyright Act and other applicable intellectual property laws. If you become aware of postings that violate these rules regarding acceptable behavior or content, you may contact NDIA at 703.522.1820.

 

 

Bookmark and Share